IAMU Informer
Follow IAMU!
  • Informer News Feed
  • IAMU Website

APPA CEO Urges Review of Recent Cyber Attack

11/1/2016

0 Comments

 
Picture
In a recent memo to American Public Power Association (APPA) members, APPA CEO Sue Kelly urged municipal electric utilities to review a white paper recently posted by the Electricity Information and Analysis Center (E-ISAC).  The white paper discusses the recent Internet of Things (IoT) Distributed Denial of service (DDos) attacks on computer systems, and includes mitigation recommendations.  Kelly strongly recommended that public power systems read the report and take actions where necessary. The document can be downloaded here.

The “bottom line” of the paper is that the E-ISAC strongly recommends utilities examine their Internet-facing systems to ensure that:

• Internet-facing devices are inventoried and examined for vulnerabilities

• Internet-facing devices have sufficient business justification for being publicly exposed

• Utility-owned and managed systems that are exposed to the Internet have adequate protections in place to prevent the exploit described in the paper

• If you do not have the technical expertise within your utility to take these steps, you should seek assistance.
On October 21, 2016, a DDoS attack against the Dyn Managed Domain Name System (DNS) infrastructure occurred, which shut down some popular web based media systems.  Such attacks are escalating in scale.  This is the highest throughput DDoS attack seen to date.  Due to the highly interconnected state of the IoT, and the insecurity built into systems as mundane as consumer products and toys, there is a risk that this type of attack can now be leveraged against critical industrial control systems, such as those used in the electric power industry.

“I want to emphasize the importance of incorporating the E-ISAC’s recommendations into your cyber security programs and processes, due to the unprecedented scale of these recent attacks,” Kelly noted.  “Your immediate attention to these recommendations will help mitigate the risk of your cyber systems being misused or rendered unavailable, with all the actual and reputational damage such an event could cause.”

If you have not done so already, IAMU encourages its electric members to sign up for the E-ISAC portal to receive further details on this and other cyber risks.  You may also utilize the E-ISAC forum to stay informed and to share information on any cyber or physical attacks, so those in the electricity industry can learn from each other and better defend themselves.  To sign up, please contact the E-ISAC for further information at [email protected]  or  www.eisac.com.
0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    Subscribe to The Informer!

    * indicates required

    Archives

    April 2025
    March 2025
    February 2025
    January 2025
    December 2024
    November 2024
    October 2024
    September 2024
    August 2024
    July 2024
    June 2024
    May 2024
    April 2024
    March 2024
    February 2024
    January 2024
    December 2023
    November 2023
    October 2023
    September 2023
    August 2023
    July 2023
    June 2023
    May 2023
    April 2023
    March 2023
    February 2023
    January 2023
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014

    RSS Feed

Picture

Copyright 2025 Iowa Association of Municipal Utilities